| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: eballen1 at qwest.net (Bruce Ediger) Subject: Trustworthy Computing Mini-Poll On Fri, 20 Dec 2002, Simon Richter wrote: > On Fri, Dec 20, 2002 at 02:47:59AM +0100, yossarian wrote: > > What > > features will my new computer have, that will convince me to lose certain > > options I have right now - playing music, copying what I like, etc?. > > I'd say protection from binary viruses and stack overflows, plus if > someone breaks into your computer and you have stored your key in a safe > place you can tell what she modified. So this would be a definitve must > if you're builing a server, and I'm asking now whether you would like > those features on your home box as well, even if you had to give up DVD > copying or get special illegal hardware for it. I'm sorry, maybe I was sleeping in class... can somebody explain to me how a TCPA machine (as currently hypothesized) would keep stack overflows from happening? Is this a facet of having a "nub" check each and every memory access, and having a stack marked "read/write/no execute"? Or is my vision not far enough? I'm serious here - I'm not trying to be argumentative, I just want to figure this out so I can evaluate it. I see that you qualified "protection from *binary* viruses" - the "nub" sure wouldn't allow a file that a file virus (Staog or something like that) had tinkered with to execute. But file viruses were never a serious threat as far as I can tell (see http://news.com.com/2009-1001-254061.html). The really widespread viruses were boot sector (basically BIOS infectors) and macro (code for "Word" macro) viruses - right? Not to say that other viruses don't exist, just that those were by far the greatest number in the wild. Now, Outlook viruses (Klez, SirCam, etc) seem like the real problem. Windows 98/ME seem to have enough reliability that people don't reboot with a floppy in place often enough to spread boot sector viruses. Can someone explain how TCPA might prevent "Word" macro viruses? It's my understanding that (unlike some Outlook viruses) macro viruses do exactly what a user might do - they don't take advantage of bugs to do their work. The automatic execution of macros in a "Word" document is the feature that enables macro viruses to spread. How does a TCPA computer prevent that? Users modify "Word" doc files all the time - TCPA can't stop users from tampering with .doc files and still retain any use for the computer in question. Outlook viruses seem to either spread via bugs in Outlook or the HTML engine used to render HTML email (part of IE?). How is a TCPA computer supposed to prevent that? A signed application has a bug that allows the signed application's scripting language to do things automatically that the application should only do at a user's behest. Very honestly, I don't see how a TCPA-crippled computer will help the macro virus or email virus situation. Maybe someone can explain, and I'd really appreciate that. Cause right now I get immunity from "Word" macro viruses and Outlook viruses by running AbiWord and Pine respectively. I don't need to trade in my Turing-capable machine for something that's crippled in ways that will cause problems we haven't yet forseen.
Powered by blists - more mailing lists